=== SMTP for Contact Form 7 ===
Contributors: codekraft, gardenboi, MemoryShadow
Tags: smtp, mail, wp mail, contact form 7, oauth2
Requires PHP: 7.1
Requires at least: 5.5
Tested up to: 7.0
Stable tag: 1.1.1
Requires plugins: Contact Form 7
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Secure your Contact Form 7 emails with this free SMTP plugin. It configures wp_mail() and features OAuth2, custom templates, and automated reports.

== Description ==

WordPress uses PHPMailer to send mail from with your local mail server, but it can happen that your mail were not accepted by mail providers...
This can happen for several reasons, sometimes because the mail server is not configured or sometimes because the records DKIM, DMARC and SPF of the domain been set up correctly and so on...
Anyway you can avoid any problems by using an external SMTP server and sending mail with it!

= Additional features =

✅ **OAuth2 Authentication:** Securely connect to Gmail and Microsoft Office 365 without needing to store passwords in your database or enable "less secure apps".
✅ **Per-Form Custom Templates:** Wrap CF7 emails with beautiful templates. You can now select a specific custom template for *each* form directly from the plugin settings!
✅ **Global or CF7-Only Mode:** Choose whether to override all WordPress emails with this SMTP configuration or limit it exclusively to Contact Form 7 submissions.
✅ **Live testing:** a module for testing e-mail settings with the Rest-Api (that avoid to reload the page for this kind of test). The entire output of the php mailer will be captured, which will be useful in case of configuration errors or to get the wrong parameter when is possible.
✅ **Automated Reports:** choose when and what email you want to receive the report and I will send you a beautifully formatted HTML summary of sent and failed emails. Includes log retention settings to keep your database clean.
✅ **Advanced Headers & Security:** Easily automatically set "Reply-To" headers, allow insecure options for self-signed certificates, and define custom "From Name" and "From Email" settings.

This plugin is ads free and I don't want to try to sell you any pro version!
If you want to contribute, there are many ways to do so, from simple suggestions and bug reports to translating and contributing code.
See below how to do it!

== SMTP ==
SMTP stands for 'Simple Mail Transfer Protocol'.
It is a connection-oriented, text-based network protocol of the Internet protocol family and as such is on the seventh layer of the ISO/OSI model, the application layer.
Like any other network protocol, it contains the rules for proper communication between networked computers.
SMTP is specifically responsible for sending and forwarding e-mails from a sender to a recipient.
Since its release in 1982 as the successor to the 'Mail Box Protocol' in Arpanet, SMTP has become the standard protocol for sending e-mails.
However, the SMTP procedure remains largely invisible to the normal consumer, as it is executed in the background by the e-mail programme used.
Only if the software, the webmail application on the browser or the mobile e-mail application does not automatically determine the SMTP protocol when creating an account, does it have to be set manually to ensure smooth e-mail traffic.

= SMTP presets =
1. Aruba
2. Gmail (tls and ssl)
3. Yahoo (tls and ssl)
4. Outlook (tls and ssl)
5. Office365 (tls)

= OAuth2 Setup =

**Google Gmail**
To use Gmail with OAuth2, you need to create a Google Cloud Project:
1. **Create Project:** Go to [Google Cloud Console](https://console.cloud.google.com/) and create a new project.
2. **Enable Gmail API (Required):** Go to **APIs & Services > Library**, search for **Gmail API**, and click **Enable**.
3. **Configure Consent Screen:** Go to **OAuth consent screen** and create an **External** app.
    * **Scopes:** Click *Add or Remove Scopes*, search for the Gmail API, and check the boxes for `.../auth/userinfo.email` and `.../auth/gmail.compose` (or `https://mail.google.com/`).
    * **Publishing Status:** Click **Publish App** to push it to production (otherwise, your connection token will expire every 7 days).
4. **Create Credentials:** Go to **Credentials > Create Credentials > OAuth client ID**.
    * Application type: **Web application**.
    * **Authorized redirect URIs**: Copy and paste the exact callback URL provided in your plugin settings.
5. **Connect:** Copy the generated **Client ID** and **Client Secret** into the plugin settings and click **Connect**.
6. **Grant Permissions (Critical):** During the Google login popup, click *Advanced > Go to App* if prompted with an "unverified app" warning. You **must explicitly check the boxes** that ask for permission to compose/send emails before clicking Continue.

**Microsoft Office 365**
1. Go to the **Azure Portal** (portal.azure.com).
2. Navigate to **Azure Active Directory > App registrations > New registration**.
3. Enter an application name and set the **Redirect URI** (Web) to the exact URL provided in the plugin settings.
4. Go to **Certificates & secrets** and create a new client secret. Copy the secret's Value.
5. Go to **API permissions > Add a permission > Microsoft Graph > Delegated permissions** and add `SMTP.Send` and `offline_access`.
6. Copy the **Application (client) ID** and the **Client Secret** into the plugin settings.
7. Click **Connect with OAuth2**.

Would you like to find more presets (that you think are useful to other users)?
Open a request in the support form and provide the necessary connection data (auth, server address and port).
In the next cf7-smtp version you will find the required configuration among the presets.

= Security =
It's warmly advised to use OAuth2 for supported providers (Gmail, Office365) so no passwords are saved. If using basic SMTP authentication, it is highly recommended to store at least the password into wp-config.php as a constant.
And in addition, it's also very easy! It needs only to add

`define( 'CF7_SMTP_USER_PASS', 'mySecr3tp4ssWord' );`

into your `wp-config.php` just before

`/* That's all, stop editing! Happy publishing. */`

All passwords will be stored encrypted, but still it is not good practice to put it into database!

= Quick setup =
as with the user password other constants can also be defined.
Available constant are CF7_SMTP_HOST, CF7_SMTP_PORT, CF7_SMTP_AUTH, CF7_SMTP_USER_NAME, CF7_SMTP_USER_PASS, CF7_SMTP_FROM_MAIL, CF7_SMTP_FROM_NAME

But, to quickly set up the plugin there is one constant that wraps all the others, so in case you manage multiple websites this will be very convenient!

`define(
    'CF7_SMTP_SETTINGS',
    array(
      'host'      => string,
      'port'      => number,
      'auth'      => ''|'tls'|'ssl',
      'user_name' => string,
      'user_pass' => string,
      'replyTo'   => true|false,
      'insecure'  => true|false,
      'from_mail' => email,
      'from_name' => string,
      'smtp_mode' => 'cf7'|'override',
  ));
`

= Template =
Wouldn't it be better to have a small container to make our mail a little prettier?
Well we have it! You can now assign specific templates to each of your forms via the plugin settings dashboard.
To use your own custom templates for emails, simply create them by following these steps:
1. Create a folder named `cf7-smtp/` or `templates/cf7-smtp/` in your theme (or child theme) folder.
2. Create a `.php` or `.html` template file inside it.
3. Go to the plugin settings under **Style > Form Email Templates**, and select your newly found custom template from the dropdown menu for the desired form.
4. (Optional) You can customize the logo, website link, and other template parts. Checkout the filter documentation on GitHub/wiki.

== Support ==
Community support: via the [support forums](https://wordpress.org/support/plugin/cf7-smtp/) on wordpress.org
Bug reporting (preferred): file an issue on [GitHub](https://github.com/erikyo/cf7-smtp)

= Contribute =
We love your input!
We want to make contributing to this project as easy and transparent as possible, whether it's:

* Reporting a bug
* Testing the plugin
* Discussing the current state, features, improvements
* Submitting a fix or a new feature

We use GitHub to host code, to track issues and feature requests, as well as accept pull requests.
By contributing, you agree that your contributions will be licensed under its GPLv2 License.

== Installation ==

= Using The WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Search for 'cf7-smtp'
3. Click 'Install Now'
4. Activate the plugin on the Plugin dashboard

= Uploading in WordPress Dashboard =

1. Navigate to the 'Add New' in the plugins dashboard
2. Navigate to the 'Upload' area
3. Select `cf7-smtp.zip` from your computer
4. Click 'Install Now'
5. Activate the plugin in the Plugin dashboard

= Using FTP =

1. Download `cf7-smtp.zip`
2. Extract the `cf7-smtp` directory to your computer
3. Upload the `cf7-smtp` directory to the `/wp-content/plugins/` directory
4. Activate the plugin in the Plugin dashboard

== Changelog ==

= 1.1.1 =
- Security: Implemented AES-256-GCM encryption for sensitive data with enhanced key and IV handling.
- Security: Hardened OAuth2 flow with strict state validation to prevent replay attacks and improved sanitization of GET parameters.
- Security: Added autocomplete="off" to OAuth2 Client ID and Secret fields and implemented nonce validation for import/export actions.
- New: Introduced custom OAuth2 Scopes support and configurable scope separators.
- New: Added a dedicated Reply-To email input field, replacing the legacy checkbox logic for better flexibility.
- Enhancement: Integrated SMTP Transaction Logging to capture raw debug details for easier troubleshooting.
- Enhancement: Added tracking for CF7 form IDs and Page IDs during email submissions.
- Enhancement: Added a notification system to handle specific error responses from Microsoft OAuth services.
- Enhancement: Added a secondary OAuth redirect URI without parameters to satisfy strict Microsoft requirements.
- Refactor: Significant code cleanup to align with WordPress Coding Standards and PHPMailer method naming conventions.
- Note: Legacy "Reply-To" settings are automatically migrated to the new reply_to_email configuration attribute.
- Special thanks to @MemoryShadow for significant contributions for the MS Outloook 365 setup, security hardening and OAuth2 stability.

= 1.1.0 =
* **New:** Added OAuth2 authentication support for Microsoft Office 365.
* **New:** Per-form template selection! You can now assign specific custom templates to individual Contact Form 7 forms from the settings.
* **New:** Custom templates are now supported inside your theme or child-theme folder (`your-theme/cf7-smtp/`).
* **New:** SMTP Mode selection - choose whether to override all WordPress emails or just CF7.
* **Enhancement:** Revamped automated reports with a beautiful HTML template.
* **Enhancement:** Added log retention day settings and manual flush logs capability.
* thanks to @islp for reporting the issues related to "from" field and dashboard widget visibility

= 1.0.0 =
* Cleaner code, updated dependencies
* @DAnn2012 has contributed fixin a bug in a translation string

= 0.0.2 =
* The configuration panel has been integrated with Contact Form 7 forms
* The widget which shows sent and unsent emails is now in the WordPress dashboard
* Fix an issue about password being reset when saving the plugin options

= 0.0.1 =
* First Release

== Screenshot ==
1. Plugin options (1/1)

= Resources =
* [Wordpress Plugin boilerplate](https://github.com/WPBP/WordPress-Plugin-Boilerplate-Powered)
* Contact Form 7 © 2021 Takayuki Miyoshi,[LGPLv3 or later](https://it.wordpress.org/plugins/contact-form-7/)
* chart.js https://www.chartjs.org/, © 2021 Chart.js [contributors](https://github.com/chartjs/Chart.js/graphs/contributors), [MIT](https://github.com/chartjs/Chart.js/blob/master/LICENSE.md)
* Banner image - Ejiri in Suruga Province (Sunshū Ejiri), from the series Thirty-six Views of Mount Fuji (Fugaku sanjūrokkei) Artist: Katsushika Hokusai (Japanese, Tokyo (Edo) 1760–1849 Tokyo (Edo))
